Like many people these days I currently work from home. Due to the corona pandemic, everything that is not essential is closed in Switzerland. Since I work in software development, it is possible to work at home. Most if not all people in my team do so. What is great about the new situation is that I can now eat lunch with my family. We also try to go for a short walk to the lake or the forest after lunch. But there are a couple of factors that make working at home challenging:
- The factor that I anticipated to be the worst, is distraction. Normally when I try to work on something at home that needs concentration, it takes on average five minutes before somebody comes and wants something from me. And then again after another five minutes, and again and again. This is why I can usually only work at home, when everybody else is asleep. All the more astonished am I, that they leave me do my work now that it’s for my employer and not a hobby project of mine. A very important contribution is from my noise cancelling headphones. Without them this would not be possible.
- The office at home is the size of a broom closet. It is 1.4 by 2.2 meters with no window or direct daylight. Thus it is important to go out to the patio from time to time to get some fresh air and some rays of sun light.
- I have a very comfortable chair in my home office, and a nice solid table. But I grew so used to the table I have at work that I can raise to a standing position whenever I want. Even if I wanted to buy such a table, I couldn’t fit it in my small office at home. So I have to take care to move my body enough, not to develop back pain. Especially now that I can’t go swimming in the communal pool. I just hope the lock-down won’t get so bad that I can’t go running any more.
- My screens are roughly 20 years old, and the low resolution makes it a bit challenging to work effectively. I wanted to order a new screen for years, but always postponed the purchase. Now that I knew that I would work from home, I figured it is the time to go ahead. Even though I ordered it very soon, delivery took more than a week, as the online shops and delivery companies are totally overwhelmed at the moment. The new screen is a blast. It is even bigger than I imagined.
- And then, there is the elephant in the room. Let me begin by a quote I recently read on the website of the Session messenger: “Friends donâ€™t let friends use compromised messengers”. This statement really resonated with me. On the opposite end of the spectrum, there is a communication software that is closed source, has a proprietary protocol, centralized infrastructure, no end-to-end encryption, constant access to the internet, the microphone, the webcam, the keyboard and the screen. On top of that it also has the capability to take over control of the computer. Back Orifice pales in comparison with these capabilities. That it is tedious to use and only fully works about half of the time is only the lesser evil. It was developed by a company with a long track record of deception and abuses. This software is called Microsoft Teams, and it was recently declared as the primary means of communication in our company. In the past, I flat out refused to use it. But in the current environment of emergency, I felt that I could not complicate things. Apparently, there was not much opposition against inviting the panopticon into our homes. When a co-worker told me that it could be used from within the browser, I was slightly relieved. As long as it is contained in the browser sandbox, the amount of harm it can do is somewhat limited. With the browser you have some control over what access you grant it. Unfortunately in the browser only the chat feature worked, but no audio or video calls. So my team lead asked me to install the desktop client. Installing malware directly on the machine was a no-go for me. So I installed it quarantined inside an empty virtual machine. This now works for audio conferences. But I feel uneasy, uncomfortable even stressed, whenever it is running. My stress level when Teams is running is comparable with sitting on a dentist chair. That is not healthy over time. Thus I often block access to the microphone and the network to the VM, but that brings only light improvement. So, when somebody writes on slack, I enable Teams, but I can’t have it running with full access all the time, I just can’t. I am reachable through slack, email, phone, text messages, tox, matrix, session, even telegram and soon Juggernaut. They all have an open source client that I can trust. I just need a quick note, to start Teams on request. Isn’t it ironic that with the struggle to care about physical hygiene, nobody seems to think about digital hygiene.
I often think about why I care more about digital security and privacy than average people. So many people carelessly ignore the security of their devices, it is completely reckless. How people voluntarily put something like an Amazon Alexa in their home is beyond me. I don’t think I have more to hide than other people. For a long time I have cared about FLOSS . It is not only that I dislike artificial barriers, vendor-lock-ins and planned obsolescence. It is also the trust gained through being able to inspect the software. But the biggest impact came, when I started to be involved with Bitcoin. This is when I really learned about the value of information, and how to protect it. There were times when I had more wealth sitting on my computer than on my bank account. Who wouldn’t think about how to protect it from the grabs of thieves. With Bitcoin, you are responsible for the private keys. When you fail to protect them, your wealth is gone. There is no bank you can beg to reverse the transaction.Â But on the plus side, If you protect your data well, nobody can steal it from you. If your bank goes bust, your Bitcoins are still save. Many people don’t want that responsibility, and prefer somebody else to handle it for them. I can see the same behavior with cloud computing. Bitcoin people are very passionate about OpSec. I am talking about the original cypherpunk people here, not the “get rich quick” crowd that showed up later on. There is a mantra in the Bitcoin world: “don’t trust, verify”. Everything that can’t be verified, such as closed source software has to be considered compromised.
Ok, enough of going on a tangent. This post is about working from home. My wive calculated the first day, that I should now be able to finish at least an hour earlier, because there is no more commute. Sounds reasonable, right? My usual day now looks like this: I get up at the same time as usual and take a shower. I dress the same way and groom the beard the same way as I would, if I went outside. Instead of having breakfast alone and driving to work, I start working. When everybody is ready, we have breakfast together. After that I work again until lunch is ready. When I have to go to the toilet, I also grab a fresh tea and go outside for a minute to get some fresh air and some sun. The lunch break is longer than at the office. The kids eat very slowly, and we have a rule at home that we all wait at the table for everybody to finish. Then we usually go for a walk to the forest and/or the lake. We are very fortunate that both are only about two hundred meters away. Because the lunch break is longer, I often work as long in the afternoon, as I usually am in the office. Sometimes I even work till the time I would otherwise arrive at home.
We also currently spend the weekends mostly at home. So I took the chance, to tidy up and clean my small office at home.
Interesting reading about privacy in the current state of emergency:
- Open vs Certified
- Datenwut: Chaos Computer Club vergleicht Microsoft Office mit Spyware
- Microsoft faces Dutch crunch over Windows 10 private data slurp
- A GIF Image Could Have Let Hackers Hijack Microsoft Teams at Your Firm
- The world after coronavirus
- What You Should Know About Online Tools During the COVID-19 Crisis
- Ãœberwacht: Sieben Milliarden im Visier
- To Track Coronavirus, Israel Moves to Tap Secret Trove of Cellphone Data
- Protecting Civil Liberties During a Public Health Crisis
- Privacy Advocates Are Sounding Alarms Over Coronavirus Surveillance
- Data â€“ the new oil, or potential for a toxic oil spill?
- Purisms Essential List of Free Software for Remote Work
- 11 countries are now using people’s phones to track the coronavirus pandemic, and it heralds a massive increase in surveillance
- Bosses Panic-Buy Spy Software to Keep Tabs on Remote Workers
- Microsofts Software ist Schadsoftware
- Zoom needs to clean up its privacy act
- Researchers Say Microsoft Edgeâ€™s Telemetry Has the Worst Privacy of Any Major Browser
- Does your video call have End-to-End Encryption? Probably not..
- This is what end-to-end encryption should look like!
- Zoomâ€™s Security Woes Were No Secret to Business Partners Like Dropbox
- Die freundliche Spionin
- Weâ€™re losing the war against surveillance capitalism because we let Big Tech frame the debate
- Datenschutz-AufsichtsbehÃ¶rde: Teams und Zoom lassen sich nicht DSGVO-konform nutzen
- Microsoft 365 is a full-fledged workplace surveillance tool
- AnwenderÃ¼berwachung durch Microsofts Office-Software
Last but not least, some conspiracy theory:
Bill Gates, The Caricature of a Villain
ich hesse Harry und habe Deine github Fehlermeldung zu juggernaut gelesen.
Ich kann mich auch nicht verbinden. Ich habe btcpay server als docker auf einer ubuntu-maschine. Wie auch immer. Kannst Du mir Bescheid geben, wenn das mal gelÃ¶st ist? Und wie?
Das Projekt ist noch frÃ¼h. Eventuell kÃ¶nnen wir uns dann mal verbinden, um in Juggernaut zu schreiben.
Viele GrÃ¼sse Harry
Look what communication I witnessed the other day:
I am having interesting chat at my work. I am working remotely because of covid and I refuse to use Teams app, because I can’t be sure that it stops to listen me when I close the app and/or audio. My boss is trying to force me to use the app to share my screen and that doesn’t seem to work with my firefox browser, so my colleagues try to force me to install the app.
I am ok, to use the web browser version, since I trust much more the privacy settings of Firefox. Laptop doesn’t have physical switch for the microphone and this is my home. My family has also rights about their privacy. Right not to be heard.
I asked my colleagues to connect to vmware shared screen, but they refused, without reason. Now suddenly everything is my fault, because I am different.
My company has given me laptop and they ask me to use that at home. Still, in my opinion this is private place and I am the only one, who needs to be control if and when I transmit audio and/or video. I try to do my work well, so it is very annoying when people try to force me with some policies that violates my (and my family member) rights.
If I recall right, someone used to tell me here about dummy microphones. Would it help. Is it still possible the laptop default mic is switched on ?
or do I need to open the company laptop and cut the wire ? 🙂
Camera is easier, I can block it with the tape
this sounds so familiar: we have a running open-source chat in-house yest still some managers pushed first for some other proprietary garbage (where I refused to use voice or camera due to its lacking and non-gdpr-compliant data protection) and now for ms-teams. I have been asking now for months the reponsible people how this can possibly resolved in the face of gdpr – cloud-act law-collision, and what their opionion would be about ms-teams lacking and non-gdpr-compliant data protection – they are working since weeks now with an external data protection expert, they say – I am curious what will come out of this.
to me there are different levels of PII – when I have to use a company email from a shady proveider, I would have less of a problem, as soon as PII come ito play that are or are partly biometric data, like voice and video chat I do not want this data on the shady provider service, as I cannot change my biometric features easily..
so for me, even if there were no family members around, whoms’ rights would be infringed, the choice of using voice or video chat should be up to the person who’s biometric data is in play (not sure how this works legally in all the different countries).
of course this can become a very hairy matter quickly, with bosses that is not interested in data protection and privacy, trying to force people onto specific privacy intrusive services.. )-:
Probably easier to look for another job. I didn’t want to have Microsoft Teams running the whole day on my computer. And I couldn’t find another tool that I could trust,which can communicate with the proprietary MS protocol. My boss insisted on running the malware the whole day. So I looked for another job. Now I am looking forward to the new job where they use trustworthy tools, and counting the days where I still have to use the malware.
sad but probably true. I took the same decision.
thx for the insights on your ms-team circumvention research! (-:
so far I blocked all the requests at my ending job to use this intrusive garbage, but good to know how to limit contact surface during the last weeks, in case I am forced to use it. /-:
News keep coming out:
And another one: